package com.jinbm.common.controller;

import com.jinbm.utils.StringEscapeEditor;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.InitBinder;

/**
 * Base controller that registers an escaping editor for bound {@code String} values as an
 * XSS mitigation.
 *
 * <p>Scope of the protection: the {@code @InitBinder} method below takes effect only for
 * controllers that extend this class, and only for values that Spring converts through a
 * {@link WebDataBinder}. Request bodies deserialized by an HTTP message converter (for
 * example JSON mapped with {@code @RequestBody}) do not pass through property editors, so
 * they are not covered here. Context-aware output encoding at render time is still needed.
 *
 * @author Jinbm
 * @date 2024/7/8
 * @since 1.0
 */
public class BaseController {
    /**
     * Registers a {@link StringEscapeEditor} for {@code String} on the given binder, so that
     * bound string values are processed by that editor.
     *
     * @author Jinbm
     * @date 2024/7/8
     * @param binder the data binder supplied by Spring MVC
     */
    @InitBinder // Spring MVC calls this whenever it creates a binder, so the editor is registered on every request
    public void initBinder(WebDataBinder binder) {
        // NOTE(review): the flags are presumably (escapeHTML = true, escapeJavaScript = false);
        // confirm against StringEscapeEditor, which is not visible in this file.
        StringEscapeEditor escapingEditor = new StringEscapeEditor(true, false);
        binder.registerCustomEditor(String.class, escapingEditor);
    }

}